Hello. I am trying to configure additional global catalog servers to be used by our Exchange 2007 SP1 server and I'm running into some issues. I believe when our Exchange 2007 environment was stood up, we only had one GC configured and that was the one that was configured by Exchange. Now we've configured all of our DC's as GC's and have installed a local GC in the same AD Site as the Exchange 2007 mailbox server. From the Application Log, I see the following event:Log Name: Application Source: MSExchange ADAccess Date: 2/1/2011 2:09:39 PM Event ID: 2080 Task Category: Topology Level: Information Keywords: Classic User: N/A Computer: mailserver2.mycompany.corp Description: Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=1692). Exchange Active Directory Provider has discovered the following servers with the following characteristics: (Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version) In-site: domaincontroller4.mycompany.corp CDG 1 6 6 1 0 1 1 6 1 Out-of-site: domaincontroller2.mycompany.corp CDG 1 7 7 1 0 1 1 7 1 domaincontroller1.mycompany.corp CDG 1 6 6 1 0 1 1 6 1 domaincontroller3.mycompany.corp CDG 1 6 6 1 0 1 1 6 1 After doing some research, it looks like I can run the following command to configure domaincontroller4 to be used since it's the local GC at that site. setup.com /prepareAD /domaincontroller:domaincontroller4.mycompany.corp The error message that I get is that I am required to enter in an Exchange organization name. I thought I wouldn't need to specify an organization name since I already have the Exchange organization configured. When I specify our organization name (the one I get when I run get-organizationconfig) I get the following error message: "The specified value 'MYCompany Name Corp' is not a valid organization name. Please specify a valid organization name." Any thoughts on what needs to be run to get all of the global catalog servers to show up with CDG 1 7 7 1 0 1 1 7 1 in the MSExchange ADAccess event? Thanks. Y2Kade

The command that you have entered is to use a specific DC when Exchange is doing the prep, nothing more. Exchange will only use one GC at a time, therefore having additional GCs is a good thing, it will not really change anything with regards to Exchange. What is the goal here? You don't want Exchange going across AD sites for DC functionality. Simon.Simon Butler, Exchange MVP Blog | Exchange Resources

Thanks for the reply. Since domaincontroller2 is the only GC configured with permissions in our Exchange 2007 environment when we reboot domaincontroller2 our Exchange environment goes down. Exchange does see domaincontroller4 which is in the same site as the Exchange server but based on the numerical output in the event, I was told Exchange doesn't have access to use it as a GC. domaincontroller4.mycompany.corp CDG 1 6 6 1 0 1 1 6 1 I believe that all the GC's in Event 2080 should have 1 7 7 1 0 1 1 7 1 configured. I think domaincontroller2 was the only DC that was configured as a GC when our Exchange 2007 environment was stood up and that's why all the other DC's (which have since been converted to GC's) have 1 6 6 1 0 1 1 6 1 set.

The behaviour you are seeing with Exchange going down when the domain controller is rebooted is unfortunately the usual thing. Exchange locks on to a specific DC, it doesn't change, and when that DC goes away it takes it some time before it looks for another one. Microsoft claim 10 minutes I believe but it can be as long as 35 minutes. You have two options. 1. Before rebooting the GC/DC that Exchange is using, force it to use another one. 2. After rebooting the GC/DC that Exchange is using, restart System Attendant, which forces Exchange to find another GC/DC to use. You should really have two in the same AD site as Exchange. Simon.Simon Butler, Exchange MVP Blog | Exchange Resources

On Wed, 2 Feb 2011 00:52:33 +0000, Y2.Kade wrote: > > >Hello. I am trying to configure additional global catalog servers to be used by our Exchange 2007 SP1 server and I'm running into some issues. I believe when our Exchange 2007 environment was stood up, we only had one GC configured and that was the one that was configured by Exchange. Now we've configured all of our DC's as GC's and have installed a local GC in the same AD Site as the Exchange 2007 mailbox server. > >From the Application Log, I see the following event:Log Name: Application Source: MSExchange ADAccess Date: 2/1/2011 2:09:39 PM Event ID: 2080 Task Category: Topology Level: Information Keywords: Classic User: N/A Computer: mailserver2.mycompany.corp Description: Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=1692). Exchange Active Directory Provider has discovered the following servers with the following characteristics: (Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version) In-site: domaincontroller4.mycompany.corp CDG 1 6 6 1 0 1 1 6 1 Out-of-site: domaincontroller2.mycompany.corp CDG 1 7 7 1 0 1 1 7 1 domaincontroller1.mycompany.corp CDG 1 6 6 1 0 1 1 6 1 domaincontroller3.mycompany.corp CDG 1 6 6 1 0 1 1 6 1 Your only in-site GC isn't "reachable" on port 3268, and the GC isn't synchronized, either. That's what those 1st two "6"s mean. The last "6" says the server couldn't log in to the GC (and if it isn't reachable that's not surprising). In-site: domaincontroller4.mycompany.corp CDG 1 6 6 1 0 1 1 6 1 You seem to have only one working GC: domaincontroller2. Do you have any firewalls in place that would prevent connections on port 3268 from your Exchange server to your other GCs? --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP

Ah... that makes total sense. I've confirmed that the Windows firewall isn't enabled on either system. My guess is that Symantec Endpoint Protection is the culprit. I'll need to look into that. Thanks everyone for helping an Exchange newbie out.

Ah... that makes total sense. I've confirmed that the Windows firewall isn't enabled on either system. My guess is that Symantec Endpoint Protection is the culprit. I'll need to look into that. Thanks everyone for helping an Exchange newbie out. UPDATE: I took a quick at the events on domaincontroller4 and even though it's been selected as a GC it's not getting a replica of the directory partition because of an orphaned child domain. I think once I clean out the orphaned domain, the GC should be able to get the replica then the Exchange server will be able to use the GC/DC. What a mess.